Merge pull request #139402 from aman4433/svm-allow-notfound-patches

test/integration: fix flaky TestStorageVersionMigrationDuringChaos by extracting audit validation helper
2026-06-09 08:55:55 -04:00 · 2026-06-03 20:49:59 +05:30 · 2026-06-03 20:49:59 +05:30 · 7a1385a332
commit 7a1385a332
parent 40dab40837 afbdb1c8b7
2 changed files with 27 additions and 15 deletions
--- a/test/integration/storageversionmigrator/storageversionmigrator_test.go
+++ b/test/integration/storageversionmigrator/storageversionmigrator_test.go
@ -19,6 +19,7 @@ package storageversionmigrator
 import (
 	"bytes"
 	"context"
+	"net/http"
 	"strconv"
 	"sync"
 	"testing"
@ -169,7 +170,8 @@ func TestStorageVersionMigrationWithCRD(t *testing.T) {

 	crVersions := make(map[string]versions)

-	svmTest := svmSetup(ctx, t)
+	// chaos goroutines delete objects mid-migration, producing expected 404s on patch
+	svmTest := svmSetup(ctx, t, http.StatusNotFound)
 	certCtx := svmTest.setupServerCert(t)

 	// simulate monkeys creating and deleting CRs
@ -309,7 +311,8 @@ func TestStorageVersionMigrationDuringChaos(t *testing.T) {

 	ctx := ktesting.Init(t)

-	svmTest := svmSetup(ctx, t)
+	// chaos goroutines delete objects mid-migration, producing expected 404s on patch
+	svmTest := svmSetup(ctx, t, http.StatusNotFound)

 	svmTest.createChaos(ctx, t)

--- a/test/integration/storageversionmigrator/util.go
+++ b/test/integration/storageversionmigrator/util.go
@ -257,7 +257,7 @@ type svmTest struct {
 	filePathForEncryptionConfig string
 }

-func svmSetup(ctx context.Context, t *testing.T) *svmTest {
+func svmSetup(ctx context.Context, t *testing.T, allowedCodes ...int32) *svmTest {
 	t.Helper()

 	filePathForEncryptionConfig, err := createEncryptionConfig(t, resources["initialEncryptionConfig"])
@ -315,18 +315,7 @@ func svmSetup(ctx context.Context, t *testing.T) *svmTest {
 	}

 	t.Cleanup(func() {
-		var validCodes = sets.New[int32](http.StatusOK, http.StatusConflict) // make sure SVM controller never creates
-		_ = svmTest.countMatchingAuditEvents(t, func(event utils.AuditEvent) bool {
-			if event.User != "system:serviceaccount:kube-system:storage-version-migrator-controller" {
-				return false
-			}
-			if !validCodes.Has(event.Code) {
-				t.Errorf("svm controller had invalid response code for event: %#v", event)
-				return true
-			}
-			return false
-		})
-
+		svmTest.assertNoInvalidSVMControllerResponses(t, allowedCodes...)
 		kcm.TearDownFn()
 		server.TearDownFn()
 		utiltesting.CloseAndRemove(t, svmTest.logFile)
@ -352,6 +341,26 @@ func createKubeConfigFileForRestConfig(t *testing.T, restConfig *rest.Config) st
 	return kubeConfigFile
 }

+// assertNoInvalidSVMControllerResponses checks that the SVM controller only received
+// expected HTTP response codes. Pass allowedCodes to permit codes beyond OK and Conflict.
+func (svm *svmTest) assertNoInvalidSVMControllerResponses(t *testing.T, allowedCodes ...int32) {
+	t.Helper()
+	validCodes := sets.New[int32](http.StatusOK, http.StatusConflict)
+	for _, code := range allowedCodes {
+		validCodes.Insert(code)
+	}
+	_ = svm.countMatchingAuditEvents(t, func(event utils.AuditEvent) bool {
+		if event.User != "system:serviceaccount:kube-system:storage-version-migrator-controller" {
+			return false
+		}
+		if !validCodes.Has(event.Code) {
+			t.Errorf("svm controller had invalid response code for event: %#v", event)
+			return true
+		}
+		return false
+	})
+}
+
 func createEncryptionConfig(t *testing.T, encryptionConfig string) (
 	filePathForEncryptionConfig string,
 	err error,